<!--#include virtual="/Common/Config.asp" -->
<!--#include virtual="/Common/conn.asp" -->
<!--#include virtual="/Common/Function.asp" -->
<!--#include virtual="/Common/MD5.asp"-->

<%
If Request.ServerVariables ("Request_Method")="POST" Then

	Call User_Login()

Else
	Response.redirect "/Member/Login.asp"
End If 


Sub User_Login() '用户登陆

	UserName = Reform("Login_UserName")
	password = Request.Form("Login_Password")

	If Trim(UserName)="" Then 
		alertBox "请输入用户名!","javascript:history.go(-1)"
	End If

	If Trim(password)="" Then 
			alertBox "请输入密码!","javascript:history.go(-1)"
	End If

	If CodeIsTrue()=False Then
		'alertBox "验证码检验失败!","javascript:history.go(-1)"
	End If
	password = MD5(password)

	Sql = "SELECT UserID,UserPassword,Member_Type FROM Member  WHERE UserName = '" & UserName & "' "
	rs.open sql,conn

	If rs.EOF And rs.BOF Then
	
		Call conn_close()
		alertBox "用户名不存在!","javascript:history.go(-1)"
				
	Else
		
		UserPassword = rs("UserPassword")



		If UserPassword = password Then 
			Session("UserID")	  = rs("UserID") 
			Session("UserName")   = UserName

			Session("Member_Type")= rs("Member_Type")
				
			

			Client_IP = get_clientip()

			sql = "UPDATE Member SET Last_LoginDate ='" & Now() & "' ,Last_LoginIP = '" & Client_IP & "',Login_Times = Login_Times+1 WHERE UserName = '" &UserName &"'"

			conn.execute(sql)

			response.redirect "Index.asp"
	
		Else
			alertBox "密码不正确!","javascript:history.go(-1)"
		End If
		

	End If
	
End Sub 
Public Function CodeIsTrue()

	Dim CodeStr

	CodeStr = reform("code")
	
	If CStr(Session("rndcodes"))=CStr(CodeStr) And Session("rndcodes")<>""   Then
		CodeIsTrue=True
		Session("rndcodes")=empty
	Else
		CodeIsTrue=False
		Session("rndcodes")=empty
	End If
	
End Function


%>